** THIS IS A REPOST OF PR bin/57323,
since I labelled wrong Category: line **
A cross-site scripting vulnerability is reported in CGI.pm.
All of the following are affected:
- 4.x base system's perl 5.005_03
- ports/japanese/perl5 (5.005_03 with Japanese patch)
- ports/lang/perl5 (5.6.1)
- ports/lang/perl5.8 (5.8.0)
I sent separate PRs for 4.x base system (PR bin/57321) and
japanese/perl5.
Fix:
Replace CGI.pm with a newer one, or install ports/www/p5-CGI.pm.
How-To-Repeat: See the exploit code at:
http://marc.theaimsgroup.com/?l=bugtraq&m=105880349328877&w=2

Sorry, I reposted this without checking that PRs bin/57322 and PR bin/57323
are renumbered as ports/57322 and ports/57323.
Therefore, PRs ports/57390 and ports/57391 are now just the duplicates.
Please close them and solve ports/57322 and ports/57323.